rpm package
suse/kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Vulnerabilities (1,350)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48760 | Hig | 7.1 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The syzbot fuzzer has identified a bug in which processes hang waiting for usb_kill_urb() to return. It turns out the issue is not unlinking the UR | |
| CVE-2022-48759 | Hig | 7.0 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev struct rpmsg_ctrldev contains a struct cdev. The current code frees the rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but the cdev i | |
| CVE-2022-48758 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() The bnx2fc_destroy() functions are removing the interface before calling destroy_work. This results multiple WARNings from sysfs_remo | |
| CVE-2022-48756 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize the "dev" variable after the sanity check | |
| CVE-2022-48754 | Hig | 8.4 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add device reset GPIO support") added call to phy_device_reset(phydev) after the put_device() call in phy_detach(). The comment before the put | |
| CVE-2022-48752 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending Running selftest with CONFIG_PPC_IRQ_SOFT_MASK_DEBUG enabled in kernel triggered below warning: [ 172.851380] --------- | |
| CVE-2022-48749 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc The function performs a check on the "ctx" input parameter, however, it is used before the check. Initialize the "base" variable after the sanity chec | |
| CVE-2022-48748 | Hig | 7.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in __allowed_ingress When using per-vlan state, if vlan snooping and stats are disabled, untagged or priority-tagged ingress frame will go to check pvid state. If the port sta | |
| CVE-2022-48747 | Hig | 7.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized dat | |
| CVE-2022-48746 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is o | |
| CVE-2022-48738 | Hig | 7.1 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() We don't currently validate that the values being set are within the range we advertised to userspace as being valid, do so and reject any values th | |
| CVE-2022-48732 | Hig | 7.8 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's wit | |
| CVE-2022-48730 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to | |
| CVE-2022-48728 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1_ipoib_setup_rn() can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0 PGD 0 P4D 0 Oops: 00 | |
| CVE-2022-48726 | Hig | 7.8 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-fr | |
| CVE-2022-48724 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() After commit e3beca48a45b ("irqdomain/treewide: Keep firmware node unconditionally allocated"). For tear down scenario, fn is only freed afte | |
| CVE-2021-4439 | Hig | 7.8 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The cmtp_add_connection() would add a cmtp session to a controller and run a kernel thread to process cmtp. __module_get(THIS_MODULE); session->ta | |
| CVE-2022-48722 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154_xmit_complete() helper is not called. Only ieee802154_wake_queue() is called manually. We then leak the skb structure. Free the skb structu | |
| CVE-2022-48717 | Hig | 7.8 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fix underflow in speaker_gain_control_put() Check for negative values of "priv->gain" to prevent an out of bounds access. The concern is that these might come from the user via: -> snd_ctl_ele | |
| CVE-2022-48715 | Med | 5.5 | < 5.3.18-150300.59.167.1 | 5.3.18-150300.59.167.1 | Jun 20, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and r |
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix hang in usb_kill_urb by adding memory barriers The syzbot fuzzer has identified a bug in which processes hang waiting for usb_kill_urb() to return. It turns out the issue is not unlinking the UR
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev struct rpmsg_ctrldev contains a struct cdev. The current code frees the rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but the cdev i
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() The bnx2fc_destroy() functions are removing the interface before calling destroy_work. This results multiple WARNings from sysfs_remo
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize the "dev" variable after the sanity check
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add device reset GPIO support") added call to phy_device_reset(phydev) after the put_device() call in phy_detach(). The comment before the put
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending Running selftest with CONFIG_PPC_IRQ_SOFT_MASK_DEBUG enabled in kernel triggered below warning: [ 172.851380] ---------
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc The function performs a check on the "ctx" input parameter, however, it is used before the check. Initialize the "base" variable after the sanity chec
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in __allowed_ingress When using per-vlan state, if vlan snooping and stats are disabled, untagged or priority-tagged ingress frame will go to check pvid state. If the port sta
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in bio_truncate() bio_truncate() clears the buffer outside of last block of bdev, however current bio_truncate() is using the wrong offset of page. So it can return the uninitialized dat
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is o
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() We don't currently validate that the values being set are within the range we advertised to userspace as being valid, do so and reject any values th
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's wit
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1_ipoib_setup_rn() can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0 PGD 0 P4D 0 Oops: 00
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/ucma: Protect mc during concurrent multicast leaves Partially revert the commit mentioned in the Fixes line to make sure that allocation and erasing multicast struct are locked. BUG: KASAN: use-after-fr
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() After commit e3beca48a45b ("irqdomain/treewide: Keep firmware node unconditionally allocated"). For tear down scenario, fn is only freed afte
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The cmtp_add_connection() would add a cmtp session to a controller and run a kernel thread to process cmtp. __module_get(THIS_MODULE); session->ta
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154_xmit_complete() helper is not called. Only ieee802154_wake_queue() is called manually. We then leak the skb structure. Free the skb structu
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: ASoC: max9759: fix underflow in speaker_gain_control_put() Check for negative values of "priv->gain" to prevent an out of bounds access. The concern is that these might come from the user via: -> snd_ctl_ele
- affected < 5.3.18-150300.59.167.1fixed 5.3.18-150300.59.167.1
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() is modifying the per_cpu lport stats counters in a non-mpsafe way. Just boot a debug kernel and r
Page 32 of 68